ByteByteGo May 3, 23:34
EP161: A Cheatsheet on REST API Design Best Practices

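This week's technical newsletter covers several key areas, including secure authorization with WorkOS and MCP, REST API design practices, an introduction to commonly used AWS services, an explanation of large language model (LLM) terminology, and ByteByteGo's hiring information and sponsorship opportunities. The article emphasizes the importance of security, offers best practices for API design, lists commonly used AWS services, and explores LLM-related concepts in depth, giving technical readers a rich source of knowledge and reference material.

🛡️ WorkOS AuthKit provides role-based access control (RBAC), helping teams quickly lock down access to critical tools and prevent security breaches.

💡 On API design, the article highlights best practices such as resource-oriented paths, correct use of HTTP verbs, versioning, standard error codes, idempotency, pagination, and API security (including API Keys, JWTs, OAuth2, and HTTPS).

☁️ On AWS services, the article lists 30 commonly used services by category, covering compute, storage, databases, networking and security, AI and machine learning, and monitoring and DevOps, so developers can quickly understand and use them.

🧠 On LLM terminology, the article divides the terms into five categories (models, training, prompts, inference, and retrieval-augmented generation (RAG)) and explains key concepts including pretraining, fine-tuning, Few/Zero-Shot learning, temperature, max tokens, and hallucination.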

WorkOS + MCP: Authorization for AI Agents (Sponsored)

Wide-open access to every tool on your MCP server is a major security risk. Unchecked access can quickly lead to serious incidents.

Teams need a fast, easy way to lock down access with roles and permissions.

WorkOS AuthKit makes it simple with RBAC — assign roles, enforce permissions, and control exactly who can access critical tools.

Don’t wait for a breach to happen. Secure your server today.

Watch the demo to learn more


This week’s system design refresher:


System Design Was HARD - Until You Knew the Trade-Offs, Part 2


A Cheatsheet on REST API Design Best Practices

Well-designed APIs behave consistently, fail predictably, and grow without friction. Some best practices to keep in mind are as follows:

    Resource-oriented paths and proper use of HTTP verbs help APIs align with standard tools.

    Use a proper API versioning approach.

    Use standard error codes while generating API responses.

    APIs should be idempotent. Repeated requests produce the same result, which makes retries safe, especially for POST operations.

    Idempotency keys allow clients to safely deduplicate operations with side effects.

    APIs should support pagination to prevent performance bottlenecks and payload bloat. Some common pagination strategies are offset-based, cursor-based, and keyset-based.

    API security is mandatory for well-designed APIs. Use proper authentication and authorization with APIs using API Keys, JWTs, OAuth2, and other mechanisms. HTTPS is also a must-have for APIs running in production.
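The idempotency-key practice from the list above, shown as an added example that is not part of the original newsletter. It assumes an in-memory store, a hypothetical `IdempotentPayments` handler, a `client_id` taken from the authenticated caller, the commonly used `Idempotency-Key` header name, and a 422 response for key reuse with a different payload (one possible convention).

```python
import hashlib
import json
import threading


class IdempotentPayments:
    """Sketch of a POST /payments handler that deduplicates by idempotency key."""

    def __init__(self):
        self._lock = threading.Lock()
        self._seen = {}    # (client_id, key) -> (fingerprint, status, body)
        self.charges = []  # side effects that were actually performed

    @staticmethod
    def _fingerprint(payload):
        # Canonical JSON so that key order does not change the hash.
        canonical = json.dumps(payload, sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(canonical.encode()).hexdigest()

    def post_payment(self, client_id, idempotency_key, payload):
        """Return (status, body); client_id must come from authentication."""
        if not idempotency_key or len(idempotency_key) > 128:
            return 400, {"error": "missing or oversized Idempotency-Key"}
        fp = self._fingerprint(payload)
        # Scope the key to the caller so one client cannot replay or
        # collide with another client's stored response.
        slot = (client_id, idempotency_key)
        # Simplification: one lock serializes check-and-execute. A real
        # service would rely on a unique constraint in its datastore.
        with self._lock:
            hit = self._seen.get(slot)
            if hit is not None:
                stored_fp, status, body = hit
                if stored_fp != fp:
                    return 422, {"error": "Idempotency-Key reused with a different payload"}
                return status, body  # retry: replay the stored response
            charge = {"id": len(self.charges) + 1, "client": client_id, **payload}
            self.charges.append(charge)  # the side effect happens once
            result = (201, {"charge_id": charge["id"]})
            self._seen[slot] = (fp, *result)
            return result


if __name__ == "__main__":
    api = IdempotentPayments()
    body = {"amount": 100, "currency": "USD"}  # constructed sample request
    print(api.post_payment("alice", "key-1", body))
    print(api.post_payment("alice", "key-1", body))  # retry, same response
```

Stored entries should also expire after a retention window so the key table does not grow without bound.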

Over to you: Which other best practices do you follow while designing APIs?


Pgvector vs. Qdrant: Open-Source Vector Database Comparison (Sponsored)

Looking for an open-source, high-performance vector database for large-scale workloads? We compare Qdrant vs. Postgres + pgvector + pgvectorscale.

Read The Benchmark


Top 30 AWS Services That Are Commonly Used

We group them by category and explain what they do.

Compute Services
1 - Amazon EC2: Virtual servers in the cloud
2 - AWS Lambda: Serverless functions for event-driven workloads
3 - Amazon ECS: Managed container orchestration
4 - Amazon EKS: Kubernetes cluster management service
5 - AWS Fargate: Serverless compute for containers

Storage Services
6 - Amazon S3: Scalable secure object storage
7 - Amazon EBS: Block storage for EC2 instances
8 - Amazon FSx: Fully managed file storage
9 - AWS Backup: Centralized backup automation
10 - Amazon Glacier: Archival cold storage for backups

Database Services
11 - Amazon RDS: Managed relational database service
12 - Amazon DynamoDB: NoSQL database with low latency
13 - Amazon Aurora: High-performance cloud-native database
14 - Amazon Redshift: Scalable data warehousing solution
15 - Amazon Elasticache: In-memory caching with Redis/Memcached
16 - Amazon DocumentDB: NoSQL document database (MongoDB-compatible)
17 - Amazon Keyspaces: Managed Cassandra database service

Networking & Security
18 - Amazon VPC: Secure cloud networking
19 - AWS CloudFront: Content Delivery Network
20 - AWS Route53: Scalable domain name system (DNS)
21 - AWS WAF: Protects web applications from attacks
22 - AWS Shield: DDoS protection for AWS workloads

AI & Machine Learning
23 - Amazon SageMaker: Build, train, and deploy ML models
24 - AWS Rekognition: Image and video analysis with AI
25 - AWS Textract: Extracts text from scanned documents
26 - Amazon Comprehend: AI-driven natural language processing

Monitoring & DevOps
27 - Amazon CloudWatch: AWS performance monitoring and alerts
28 - AWS X-Ray: Distributed tracing for applications
29 - AWS CodePipeline: CI/CD automation for deployments
30 - AWS CloudFormation: Infrastructure as Code (IaC)

Over to you: Which other AWS service will you add to the list?


The Large-Language Model Glossary

This glossary can be divided into high-level categories:

    Models: Includes the types of models such as Foundation, Instruction-Tuned, Multi-modal, Reasoning, and Small Language Model.

    Training LLM: Training begins with pretraining RLHF, DPO, and Synthetic Data. Fine-Tuning adds control with datasets, checkpoints, LoRA/QLoRA, guardrails, and parameter tunings.

    Prompts: Prompts drive how models respond using User/System Prompts, Chain of Thought, or Few/Zero-Shot learning. Prompt Tuning and large Context Windows help shape more precise, multi-turn conversations.

    Inference: This is how models generate responses. Key factors include Temperature, Max Tokens, Seed, and Latency. Hallucination is a common issue here, where the model makes things up that sound real.

    Retrieval-Augmented Generation: RAG improves accuracy by fetching real-world data. It uses Retrieval, Semantic Search, Chunks, Embeddings, and VectorDBs. Reranking and Indexing ensure the best answers are surfaced, not just the most likely ones.

Over to you: What else will you add to the LLM glossary?


We're hiring for two new positions at ByteByteGo: Full-Stack Engineer and Sales/Partnership

Role Type: Part-time (20+ weekly) or Full-time
Compensation: Competitive

Full-Stack Engineer (Remote)
We are hiring a Full Stack Engineer to build an easy-to-use educational platform and drive product-led growth. You'll work closely with the founder, wearing a product manager's hat when needed to prioritize user experience and feature impact. You'll operate in a fast-paced startup environment where experimentation, creativity, and using AI tools for rapid prototyping are encouraged.

We’re less concerned with years of experience. We care more about what you've built than about your resume. Share your projects, GitHub, portfolio, or any artifacts that showcase your ability to solve interesting problems and create impactful solutions. When you're ready, send your resume and a brief note about why you're excited to join ByteByteGo to jobs@bytebytego.com

Sales/Partnership (US based remote role)
We’re looking for a sales and partnerships specialist who will help grow our newsletter sponsorship business. This role will focus on securing new advertisers, nurturing existing relationships, and optimizing revenue opportunities across our newsletter and other media formats.

We’re less concerned with years of experience. What matters most is that you’re self-motivated, organized, and excited to learn and take on new challenges.

How to Apply: send your resume and a short note on why you’re excited about this role to jobs@bytebytego.com


SPONSOR US

Get your product in front of more than 1,000,000 tech professionals.

Our newsletter puts your products and services directly in front of an audience that matters - hundreds of thousands of engineering leaders and senior engineers - who have influence over significant tech decisions and big purchases.

Space Fills Up Fast - Reserve Today

Ad spots typically sell out about 4 weeks in advance. To ensure your ad reaches this influential audience, reserve your space now by emailing sponsorship@bytebytego.com.
